Prevent Account Hacking And Hijacking

Any information in this guide which is similar to other guides or other original user works in Perfect World forums or elsewhere is purely coincidental, This guide has been written from scratch using my knowledge gained from computer security certifications unless specifically noted.


This is a guide on account security when it comes to your Perfect World account and password security in general. Some of this might be common sense or a refresher. However I encourage you to read everything contained here. There is a lot of good and useful information you may be surprised to learn or think about. There may be a lot of information here and it may be a bit long however, It's worth the 15 minute investment to potentially save your identity and personal information in the real world and possibly the 10 months of hard work you spent making your character.

When creating a password for your account it's best to follow these 12 guidelines. Also there are strategies about managing them to keep your Perfect World account secure or any other program or website you may need to log into. Read slowly, Carefully and try to understand each topic and think about how it applies to you.

---

1. Your must be no less than 10 characters in length.

2. Your password should not have any complete words in it, especially a word that is in the dictionary. English or foreign dictionaries. Use your best judgment and common sense about this.

3. Your password shouldn't be related to anyone or anything in your life that is personal to you. This includes parents, People you know, Places, Pets, Digits from your birthday or the year you graduated etc.

Example: If your user account has the name or picture of your pet dog. And your password is your dog's name.

Another example: Your profile picture is your car. Your password is Viper2008

4. Your password should contain letters AND numbers. Not just one or the other. Additionally I recommend your password contain uppercase and lowercase characters.

5. Include at least one symbol in the password. Do not use an underscore or dash, It's very common and predictable. If possible and the website or program supports the complexity requirement, Use less common symbol such as a bracket and use more than one special symbol.

6. Never share your password with anyone for any reason whatsoever. This should include your friends. This is very important..There are several reasons why you shouldn't do this outside the obvious.

One reason is that, depending on how you relay this information to your friend, If your friend has a virus or keylogger installed on their computer. You have just given someone else your Perfect World login too, Not just your friend, There's several technical reasons to list.

If for some reason you violate this suggestion, After your friend is done doing who knows what with your account for a short time, Change your password immediately in a way that is not related to your former password at all.

Not because you don't trust your friend, Because you don't trust their installation of Windows, You can't personally verify the security of their computer, And if you can, Change it anyway ; )


7. In order for this to be effective, You must change your password on a regular basis. It doesn't do any good if someone is trying to LITERALLY **** into your account and you let them have an infinite length of time to “crack” or get your one password. As a general rule, I would recommend changing your password once a month, Although for maximum security, Passwords should be changed at random intervals.


8. Never use the same passwords or similar password. This is not secure or safe in any way. For example changing one character on the end or adding a number. This is a very predictable behavior and very common as well.


9. If possible, Don't write your password down where someone can just look at it. Don't write them on sticky notes and put them on your monitor or under your keyboard. If for some reason you have to write it down, Don't use a sticky note or colored paper note.

I realize this is a bit extreme, However the reason is this: If you have problems with a person in your life, They may try to retaliate against you. That's just how people are sometimes.

When a REAL hacker or vulnerability/security tester looks for logins and passwords, Sometimes he or she may have to look through a companies garbage or paper records. The easiest way to get this information is to read the sticky notes. People never shred them and they always write login information on them. So don't get into that habit. Always shred, burn, degauss or crush sensitive information. It's logical to assume any friends or family members who are mad at you or anything similar could do the same or something similar as well. It can and does happen unfortunately.


10. You should never have a document on your computer that contains all your login information. Like a word document or a text file. This means anyone can open it and read it. People behind the keyboard or someone who has **** into your computer. If you store passwords on your computer use a password management program that can encrypt the file with your information in it and store a copy off-site at another location. Make sure to have a second up to date copy. This way if anyone ever gets a copy of it. They can't access your personal information anyway because the file is encrypted.


11. Never enter your username or password anywhere else except the official Perfect World website, another official login area for support Or into the game when you login. There's fake links in emails, Fake login forms and a variety of other ways someone can try to get your login information. Unless your logging into the official site or the game itself do not submit your information. Always verify the web address. First, make sure it's not something like Perfectw0rld.com or some other similar looking url that is actually not valid in any way.

12. Consider using password management software to make this easy on you.

Keypass is an example of a good program to use. It's the program I have always used.

1. It is a free program
2. No spam, Adware, Adverts, Popups, Registration etc.
3. It stores any passwords you have inside an encrypted file.
4. It generates random passwords for you up to any reasonable length ( 30,000 ) and meet any complexity requirements ( Capitol characters, Lowercase, Letters, Numbers, Special characters, Brackets,Minus, Underscore, Spaces. It can generate passwords based on random mouse input.
5. It can automatically type passwords for you. And more.


Here are some examples of good passwords, But passwords you should never use because now everyone knows them ; ) These were generated using Keypass.

x7c^l$&m

D3#+MCxL

zw;bC'J?$847

ZlowN8&ge:n$7p:#!s@FXI


Unfortunately PerfectWorld does not support ALL of these complexity measures, Using special symbols and such. I do believe it does however support letters, uppercase and lowercase as well as numbers and length up to 14 characters. It is a good idea to use a password that meets the all complexity rules when possible. If you use Keypass, It allows you to automatically enter the password into the program or you can edit your record and then copy and paste the password into the program too so that you never have to type your password or remember it.

In summation. In my personal and professional experience, These are some of the best practices when creating a password and managing passwords to ensure maximum safety and security of anything you have to log into.

Remember, Most people do not follow these rules and this is how REAL identity theft happens, Account jacking, **** accounts and more. If a REAL hacker attempted to get into your account and you follow these guidlines. They would probably give up quite fast and move onto an easier account to **** because they know they can easily get into several other accounts with much less effort.

For example they would probably go and try 123 or 123123 or 123456 or the person's Perfect World forum username for the password too. ; )

Good security is the first deterrent to protecting your assets.

Who's changing their password after reading about the 123 and Perfect World part? <_< >_> o.o ; ))


Part of security is disaster prevention. If you use a password management program, Always store the file that contains all your login information on another hard drive if possible, Not the drive that has windows installed on it. Also always keep a second up to date copy off-site. In case of a natural disaster, Theft or another unforeseen incident.


In summation: I hope you all learned something and that this information will help you protect your Perfect World account as well as your identity and other information in your personal life.


*I am not affiliated, associated or representing any companies mentioned in this thread.

Regards, SemperHacker
Certified in security

SemperHealer-Cleric
Foltern-Archer